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We prove the decidability of the logic T_> of Ticket Entailment. Raised by Anderson and 
Belnap within the framework of relevance logic, this question is equivalent to the 
question of the decidability of type inhabitation in simply-typed combinatory logic with 
the partial basis BB'IW. We solve the equivalent problem of type inhabitation for the 
restriction of simply-typed lambda-calculus to hereditarily right-maximal terms. 

The partial bases built upon the atomic combinators B, B', C, I, K, W of combinatory logic 
are well-known for being closely connected with propositional logic. The types of their 
combinators form the axioms of implicational logic systems that have been studied for 
well over 70 years ( |Trigg et al. 1994] ). The partial basis BB'IW corresponds, via the types 
of its combinators, to the system T_> of Ticket Entailment introduced and motivated in 
QAnderson and Belnap 1975} lAnderson et al. 1 990). The system 7% consists of modus 
poncns and four axiom schemes that range over the following types for each atomic 
combinator: 

— B : ( X ->• ip) -> ((0 -> x) -> (<t> -> *!>)) 

— B' : (0 -> x) -> «X -> i>) -+ (0 -> 1>)) 

— I : <j) -Kf> 

— W : (0 -> {4> -> X )) -> {4> -»• X) 

The type inhabitation problem for BB'IW is the problem of deciding for a given type 
whether there exists within this basis a combinator of this type. This problem is equiva- 
lent to the problem of deciding whether a given formula can be derived in T_». 

Surprisingly, the question of the decidability of 7% has remained unsolved since it 
was raised in (Anderso n and Belnap 19"75] ) , although the problem has been thoroughly 
explored within the framework of relevance logic with proofs of decidability and un- 
decidability for several related systems. For instance the system of Relevant Im- 
plication (which corresponds to the basis BCIW) and the system of Entailment 
( jAndersorT and Belnap 1975) are both decidable ( |Kripke 1959[ ) whereas the extensions 
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R, E, T of R^, E-)., 2% to a larger set of connectives (— >, A, V) are undecidable 
( Urquhart 1984| . 

In 2004, a partial decidability result for the type inhabitation problem was proposed 
in (|Broda et al. 2004)) for a restricted class of formulas - the class of 1-unary formulas 
in which every maximal negative subformula is of arity at most 1. Broda, Dams, Fin- 
ger and Silva e Silva's approach is based on a translation of the problem into a type 
inhabitation problem for the hereditary right-maximal (HRM) terms of lambda calcu- 
lus ( [Trigg et kT994|lBunder 1996|IBroda et al. 2004|) . The closed HRM-terms form the 
closure under /3-reduction of all translations of BB'IW-terms, accordingly the type inhab- 
itation problem within the basis BB'IW is equivalent to the type inhabitation problem 
for HRM-terms. 

We use in this paper the same approach as Broda, Dams, Finger and Silva e Silva's. 
We prove that the type inhabitation problem for HRM-terms is decidable, and conclude 
that the logic is decidabl^E 

Summary 

In Section 1, we recall the definition of hereditarily right- maximal terms and the equiv- 
alence between the decidability of type inhabitation for BB'IW and the decidability of 
type inhabitation for HRM-terms. The principle of our proof is depicted on Figure [1] 

In Sections 2 and 3 we provide for each formula <f> a partial characterisation of the 
inhabitants of <p in normal form and of minimal size. We show that all those inhabitants 
belong to two larger sets of terms, the set of compact and locally compact inhabitants of <f>. 

In Section 4 we show how to associate, with each locally compact inhabitant M of a 
formula cf>, a labelled tree with the same tree structure as M. We call this tree the shadow 
of M. We define for shadows the analogue of compactness for terms and prove that the 
shadow of a compact term is itself compact. 

Finally, in Section El we prove that for each formula cf> the set of all compact shadows 
of inhabitants of <j> is a finite set (hence the set of compact inhabitants of </> is also a finite 
set), and that this set is effectively computable from (j>. The proof appeals to Higman 
Theorem and Kruskal Theorem - more precisely, to Mellies' Axiomatic Kruskal Theorem. 

The decidability of the type inhabitation problem for HRM-terms and the decidability 
of X!_>. follow from this last key result: given an arbitrary formula 0, this formula is 
inhabited if and only if there exists a compact shadow with the same tree structure as 
an inhabitant of 0, and our key lemma proves that the existence of such a shadow is 
decidable. 

Preliminaries 

The first section of this paper assumes some familiarity with pure and simply-typed 
lambda-calculus and with the usual notions of a-conversion, /3-reduction and /3-normal 

t In the course of the publication of this article, we heard of a work in progress by Katalin Bimbo and 
Michael Dunn towards a solution that is seemingly based on a different approach. 
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Fig. 1. Principle of the proof of decidability of type inhabitation for HRM-terms. 



form ( jBarendregt 1984) IKrivine 1993[) . The last three notions are not essential to our 
discussion, as we later focus exclusively on a particular set of simply-typed terms in 
/3-normal form. We shall briefly recall the definitions and results used in Section 1. 
The set of terms of pure lambda- calculus (X-terms) is inductively defined by: 

— every variable a; is a A-term, 

— if M is a A-term and x is a variable, then (XxM) is a A-term, 

— if M, N are A-terms, then (MN) is a A-term. 

Terms yielded by the second and third rules are called abstractions and applications re- 
spectively. The parentheses surrounding applications and abstractions are often omitted if 
unambiguous. We let Xxi . . . x n .MN\ . . . N p abbreviate (Xxi(. . . (Xx n (((MNi) . . .)N P )) . . .)). 
For instance, Xxy.x(xy)z stands for (Xx(Xy((x(xy))z))). 

The bound variables of M are all x such that Xx occurs in M. A variable x is free in 
M if and only: 

— M = x, or, 

— M = Xy.N, y ^ x and x is free in N, or, 

— M = NP and x is free in N or free in P. 

A closed term is a term with no free variables. The raw substitution of N for x in M , 
written M(x N), is the term obtained by substituting TV for every free occurrence of x 
in M (every occurrence of x that is not in the scope of a Aa;). We require this substitution 
to avoid variable capture (for all y free in N, no free occurrence of x in M is in the scope 
of a Ay): 

— if y = x, then y(x <~ N) is equal to N, otherwise it is equal to y, 

— {Xx.M)(x <- N) = Xx.M, 

— if y ^ x and y is free in iV, then {Xy.M){x <— N) is undefined, 

— if y ^ x, y is not free in N and M (x N) = M' , then (Xy.M)(x <- N) = Xy.M', 
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— if M x {x <-N)=M[ and M 2 {x <- N) = M' 2l then (M 1 M 2 )(x <- JV) = (M[M£. 
The a-conversion is defined as the least binary relation = a such that: 

— if M = a M', y is not free in M' and M'(x <- y> = M", then (Xx.M) = a (Xy.M") 

— if Mi = Q Mi and M 2 = Q M£, then (MiM 2 ) = Q (M[M^. 

For instance Ax.y = Q Az.y ^ Q Ay.y. It is a common practice to consider A-terms up to 
a-conversion, however we will not follow this practice in our exposition. 
The j3 -reduction is the least binary relation j3 satisfying: 

— if M = a (Xx.N)P and N(x <- P) = JV', then M/3JV'. 

— if M/3M', then (Ax.M)^(Ax.M'), (MN)P(M'N) and (NM)fi(NM'). 

In the first rule, £ is not necessarily free in JV, so we may have jV = JV' - in particular, 
free variables may disappear in the process of reduction. 

We write /?* for the reflexive and transitive closure of j3. A term M is in f3-normal form 

— or ft -normal - if there is no M' such that M/3M' . A term M is normalising if there is 
a normal iV - called normal form of M - such that Mj3* N . It is strongly normalising if 
there is no infinite sequence M = Mof3Mif3Al2 ■ ■ ■ 

It is well-known that /3-conversion enjoys the Church-Rosser property: if Mf3*N and 
M/3*N', then there exist two a-convertible P,P' such that N/3*P and N'f3*P'. As a 
consequence, if a term is normalising then its normal form is unique up to a-conversion. 

The judgment "assuming Xi, . . . ,x n are of types ipx,...ip n , the term M is of type 4>" , 
written {x\ : ipi, . . . , x n : "0n} l~ M : 0, where ipi, . . . ,ip n ,<f> are formulas of propositional 
calculus and distinct variables, is defined by: 

— r h a? : "0 for each i : (/i e T, 

— if T U {x : 0} h M : ^, then T h AxM : -> V- 

— if T h M : -4- V and T h JV : cj), then T h (MJV) : ip 

The simply-typable terms are all M for which there exist T, such that T \- M : <ft. Note 
that r contains all variables free in M. The following properties are well-known: 

1 (Strong normalisation) If T h M : 0, then M is strongly normalising. 

2 (Subject reduction) If V h M : and Mf3N, then T h JV : 0. 

1. From BB'IW to simply-typed lambda-calculus 

The aim of this first section is to provide a precise characterisation of simply-typable 
terms that are typable with inhabited types in BB'IW, so as to transform the problem 
of type inhabitation in BB'IW into a type inhabitation problem in lambda-calculus. The 
types of atomic combinators in BB'IW are also types for their respective counterparts 
Xfgx.f(gx), Xfgx.g(fx), Xx.x, Xhx.hxx in lambda-calculus, hence to each inhabited type 
cj> in BB'IW corresponds at least one closed A-term of type 4>. Moreover, subject reduction 
and strong normalisation (see above) also ensure the existence of a closed normal A-term 
of type cj>. What we lack is a criterion to distinguish amongst all typed normal forms the 
ones that are reducts of translations of combinators within BB'IW. 

The material and the results of this section are not new (|Bunder 19 96 Bro da et al. 2 004 ). 
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The reader may as well skip the contents of Sections II .31 and l l.4l entirely, accept Lemma 
11.101 then go on with the study of stable parts and blueprints in Section [2] 

The definition of hereditarily right-maximal terms is an adaptation of the definition 
given in (jBunder 1996|) . The proof of Lemma 11.61 (subject reduction for HRM-terms) is 
similar to the proof of Property 2.4, p. 375 in (Bro da et al. 20 04). The right-to-left impli- 
cation of Lemma Tl. 101 can be deduced from Property 2.20, p. 390 in (Br oda et al. 2004)) . 
although our proof method seems to be simpler. 

1.1. Lambda- calculus 

Let X be a countably infinite set of variables x,y,z . . . together with a one-to-one func- 
tion O from X to N . For all x, y in X, we write x < y when O(x) < 0(y). Throughout 
the sequel, by term we always mean a term of lambda-calculus built over those vari- 
ables. For each term M, we write Free(Af) for the strictly increasing sequence of all free 
variables of M. 

Terms are not identified modulo a-conversion - apart from Section 1, all considered 
terms will be in normal form, and the Greek letters a, f3 will be even used with new 
meaning at the beginning of Section 2. We adopt however the usual convention according 
to which two distinct A's may not bound the same variable in a term, and no variable 
can be simultaneously free and bound in the same term. 

1.2. Hereditarily right-maximal terms 

Definition 1.1. The set of hereditarily right-maximal (HRM) terms is inductively de- 
fined as follows: 

1 Each variable x is HRM. 

2 If M is HRM and x is the greatest free variable of M then Xx.M is HRM. 

3 If M, N are HRM, and for each free variable x of M there exists a free variable y of 
N such that x < y, then (MN) is HRM. 

The second rule ensures that all HRM-terms are A/-terms, that is, terms in which every 
subterm Xx.M is such that x is free in M. As a consequence the set of free variables of 
an HRM-term is preserved under /3-reduction. As we shall see below (Lemma ll.6|) . right- 
maximality can also be preserved at the cost of appropriate bound variable renamings. 

In the third rule, if N is closed then so is M. When M and N are non-closed terms, 
the greatest free variable of M is less than or equal to the greatest free variable of N. 
For instance, if / < g < x and h < x, then Xfgx.f(gx), Xfgx.g(fx), Xx.x, Xhx.hxx are 
HRM, whereas Xyz.zy is not, no matter if y < z or y > z. 

Definition 1.2. Let VL be a function mapping each variable to a formula, in such a way 
that il _1 (</>) is an infinite set for each 4>. We extend this function to the set of all strictly 
increasing finite sequences of variables, letting Q(x\, . . . , x n ) — (il(xi), . . . , Sl(x n )). 

Definition 1.3. The judgment M : <f), in words "M is of type <fi w.r.t f2", is defined by: 
— if Q(x) = (j), then x : 0, 
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— if x : x, M : ip and Xx.M is HRM, then Xx.M : \ -> ip, 

— if M : X -+ tp, N : X and (MN) is HRM, then (MN) : ip. 

The function f2 will remain fixed throughout our exposition. Accordingly the type of a 
term M w.r.t will be called the type of M, without any further reference to the choice 
of ft. Note that every typed term is HRM. 

Definition 1.4. We write Anf for the set of all typed terms in j3- normal form. We call 
Anf -inhabitant of <j> every closed term M E Anf of type <f>. 

The next lemma is the well-known subformula property of simply-typed lambda-calculus: 

Lemma 1.5. (Subformula Property) Let M be a ANF-hihabitant of <p. The types of the 
subterms of M are subformulas of <j>. 

1.3. Subject reduction of hereditarily right-maximal terms 

Lemma 1.6. Suppose there exists a closed M : <p. Then <p> is ANF-hihabited. 

Proof. (1) We leave to the reader the proof of the fact that for every variable y and 
for every N : <fi, there exists N' = a N such that N' : <j> and every bound variable of N' 
is strictly greater than y. 

(2) We prove the following proposition by induction on P. Let P, Q be typed HRM- 
terms. Suppose: 

— x and Q are of the same type, 

— if Q is closed and x e Free(P), then x = min(Free(P)) 

— if Q is not closed, then for all z E Free(P): 

if z < x then z < max(Free(Q)), 
if x < z then max(Free(Q)) < z. 

— if Q is not closed, then max(Free(Q)) < z for all bound variables z of P. 

Then R — P(x Q) is defined, HRM and of the same type as P. The proposition is 
clear if P is a variable. 

Suppose P — Xz.P' . Then Free(P') = Free(P) • (z). By induction hypothesis R' = 
P'{x <— Q) is defined, HRM and of the same type as P' . The variable z is still the 
greatest free variable of R 1 and z is not free in Q, hence R — Xz.R'. 

Suppose P = (P1P2). By induction hypothesis Ri = Pi(x 4— Q) is defined, HRM and 
of the same type as Pi for each i S {1, 2}. It remains to check that R = (R1R2) is HRM. 
Assume x is free in P and Pi is not closed. 

Suppose max(Free(Pi)) > x. Then max(Free(Pi)) = max(Free(Pi)) < max(Free(P 2 )) = 
max(Free(Pt2))- 

Suppose max(Free(Pi)) < x. The term Q cannot be closed, and max(Free(Pi)) = 
max(Free(Pi)) < max(Free(Q)). We have either max(Free(P 2 )) = x and max(Free(P 2 )) = 
max(Free(Q)), or max(Free(P 2 )) > x and max(Free(P 2 )) = max(Free(P 2 )). 

Otherwise max(Free(Pi)) = x. Suppose max(Free(P 2 )) > x. Then max(Free(P 2 )) = 
max(Free(P 2 )). If Q is closed, then Free(Pi) = (x) and Pi is closed. Otherwise we have 
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max(Free(i?i)) = max(Free(<3)) < max(Free(P2))- The remaining case is max( Free (P2)) = 
x. If Q is closed then Free(Pi) = Free(P 2 ) = (x) and R\, R2 are closed. Otherwise 
max(Free(i?i)) = max(Free(i?2) = max(Free(Q)). 

(3) Assume N : (f> and N is not in normal form. We prove by induction on TV the 
existence of N' : <t> such that N/3N'. If N = Xx.P, or if N = [NiN 2 ) with N x or N 2 
not in normal form, then the existence of N' follows from the induction hypothesis and 
the fact that /3-reduction preserves the set of free variables of an HRM-tcrm. Otherwise 
N = (Xx.P)Q where for each free variable z of Xx.P, we have z < x and there exists a 
free variable y of Q such that z < y. By (1) there exists P' = a P such that P' : 4> and no 
bound variable of P' is less than or equal to a free variable of Q. The variable x is the 
greatest free variable of P' . By (2), the term N' = P'(x Q) is well-defined, HRM and 
of the type <j>. Moreover N/3N'. 

(4) We now prove the lemma. The term M is a simply-typable HRM-term. The strong 
normalisation property implies the existence of a normal form N of M. The term N is still 
a closed term. By (1), there exists N' = a N such that N' : </>, that is, <j> is ANF-inhabitcd, 

□ 



1.4. Equivalence between inhabitation in BB'IW and Anf -inhabitation 

In the next three lemmas by <pi . . . 4> n — ¥ ip we mean the formula (<fii —>■(... (4> n — > ip) . . .)) 
if n > 0, and otherwise the formula tp. We write 1-bb'iw <fi for the judgment "there exists 
within the basis BB'IW a combinator of type 0". 

Lemma 1.7. If Kbb'iw 0, then <p is ANF-inhabitcd. 

Proof. If / < g < x and h < x, then Xx.x, Xfgx.f(gx), Xfgx.g(fx) and Xhx.hxx are 
HRM. For each type <fi of an atomic combinator, the variables /, g, h, x can be chosen so 
that one of those terms is of type (f>. The set of all formulas <f> for which there exists a 
closed M of type 4> is closed under modus ponens. By Lemma ll.6[ every such formula is 
ANF-hihabited. □ 

Lemma 1.8. If Kbb'iw X ^ then ^BB'iw {(f>i-.-(f>n x) ^ {<f>i---4>n V 1 ) for 
all <j)i, ... , <j) n . 

Proof. By induction on n, using left-applications of B. □ 

Lemma 1.9. Suppose (ii, . . . ,i n ), (ji, ■ . ■ ,jm), (ki, . . . ,k p ) are strictly increasing se- 
quences of integers, {fci, . . . , k p } = {ix, . . . , i n , ji, . . . , j m }, n = or (n > 0, m > 0, 

in < jm). If 

1 r-BB'IW Uii ■ --u ln ->■ (x -> 

2 r-BB'iw ■ ■ •W Jm — > Xi 
then h-BB'iw u kl . . . uj kp -> ip. 

Proof. By induction on n + m. The proposition is true if n = m = 0. Assume n+m > 0. 
Then m > 0. 

Suppose n = 0. Then (ji, . . . ,j m ) = (k\, . . . , k p ). We have: 
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(i) ^BB'IW (x -> -0) -> (K m -> x) -> (w im -> V)) 

(ii) l-BB'iw (wj m ->■ x) -> (Wj m -> ^) 

where: (i) is a type for B; (ii) follows from (i), (1) and modus ponens. If m = 1 then 
^BB'iw — > ip follows from (ii), (2) and modus ponens. Otherwise heB'iw Uj t . . - u>j m — > 
ip follows from (ii), (2) and the induction hypothesis. 

We now assume n > 0. Suppose m > 1 and i n < j m -i- Then 
(hi) l-BB'iw (x-*i>)-> -> x) -> (wj m -)• ^)) 

(iv) I-bb'iw • • • w< n -)• (x VO) ■ ■ -Uin -> ((Wj m x) -> (wj m -> $))) 

(v) r-BB'IW Wii •••W in -> -> x) (Wj m VO) 

where: (hi) is a type for B; (iv) follows from (hi) and Lemma Tl .81 (v) follows from (iv), 
(1) and modus ponens. We have k p — j m and {k\, . . . , = . . . ,i n , ji, ■ ■ ■ ,jm-i}- 

Since i n < j m -i, we have Kbb'iw Wk\ ■ ■ ■ w fc p -i — ► ( w j m ~^ ip) by (v), (2) and the induction 
hypothesis. 

Suppose to = 1 or (m > 1 and i n > j m -i)- Then 

(vi) h BB 'iw (u>j m -> x) -> ((X VO -> K' m -> ?/>)) 

(vh) h BB 'iw (wj! • • • uij m ->■ x) ->• • • • w J ,„_ 1 -> ((x -> VO ~> ~> VO)) 

(viii) Kbb'iw • --^jm-i ((X -> -> -> */>)) 

(ix) h B B'IW u> ni . . . UJ„ q -> (wj m -> ip) 

where: (vi) is a type for B'; (vii) follows from (vi) and Lemma ll.8( (viii) follows from 

(vii) , (2) and modus ponens; {ni, . . . , n q } — {ji, . . . , j m — 1> i\, . ■ . , i n }; (ix) follows from 

(viii) , (1) and the induction hypothesis. If j rn > i n , then (m, . . . , n q ,j m ) — (k%, . . . , kp). 
Otherwise j m — i n , n q — i n , (n\, . . . n q ) = (k\, . . . , k p ) and 

(x) ^BB'IW Ufa ■ • -^fcp-i -» (w,„ ->■ (Wj„ ->■ ^)) 

(xi) hsB'IW (Wt n -> (Wj„ -> 0)) -> (Wi B -> V 1 ) 

(xii) Kbb'iw (wfci ■ • ■ Wfc p _i (w t „ -> (wi„ V))) ~> • ■ • Wfc p -i ( w *n ^)) 

(xiii) hsB'iw Wfci ■ - .Wfep_i (wi„ ^) 

where: (x) is (ix); (xi) is a type for W; (xii) follows from (xi) and Lemma [L8l (xiii) follows 
from (x), (xii) and modus ponens; (xiii) is Hbb'iw w fci ■ • ■ ^k p ip- D 

Lemma 1.10. For every formula (p, we have Kbb'iw <P> if and only if <p is ANF-inhabited. 

Proof. The left to right implication is Lemma 11.71 Using Lemma 11.91 when M is an 
application, an immediate induction on M shows that if M : ip, Free(Af) = (x\, . . . ,x n ) 
and xi : xi, ■ ■ ■ ,x n ■ Xn, then h B B'iw Xi ■ • • X™ ->■ 4> □ 



2. Stable parts and blueprints 

The last lemma showed that the decidability of type inhabitation for BB'IW is equivalent 
to the decidability of ANF-inhabitation. The sequel is devoted to the elaboration of a 
decision algorithm for the latter problem. 

The problem we shall examine throughout Sections 2 and 3 is the following: if an 
inhabitant is not of minimal size, is there any way to transform it (with the help of grafts 
and/or another compression of some sort) into a smaller inhabitant of the same type? 
This question is not easy because we are dealing with a lambda-calculus restricted with 
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strong structural constraints (righ-maximality) . There are however simple situations in 
which an inhabitant is obviously not of minimal size. 

Consider a ANF-inhabitant M and two subterms N, P of M such that P is a strict 
subterm of N. Suppose: 

— N, P are applications of the same type or abstractions of the same type. 

— Free(N) = X = (xi,. . .,x n ), 

— Free(P) = Y = . . . , , . . . , y%, . . . , y» ) 

— n(x) = (xi,...,xn), 

— n(F) = (x5,...,4 1 ,...,x&,.-.,^ B ). 

— X} = Xt for each i,j. 

Then M is not of minimal size. Indeed we can rename the free variables of P (letting 
p(Uj) = x i) so as to obtain a term P' of the same size as P, of the same type and the same 
free variables as N. The subterm N of M can be replaced with P' in M. The resulting 
term is a ANF-inhabitant of the same type but of strictly smaller size. 

This simple property is far from being enough to characterise the minimal inhabi- 
tants of a formula: there are indeed formulas with inhabitants of abitrary size in which 
this situation never occurs. What we need is a more flexible way to reduce the size of 
non-minimal inhabitants. In particular, we need a better understanding of our available 
freedom of action if we are to rename the free variables of a term - possibly occurrence 
by occurrence - and if we want to ensure that right-maximality is preserved. This section 
is devoted to the proof of two key lemmas that delimit this freedom. 

— In Sections 12. 1[ 12.21 and 12.21 we show how to build from any term M £ Anf a par- 
tial tree labelled with formulas. This partial tree is called the blueprint of M. This 
blueprint can be seen as a synthesized version of M that contains all and only the 
information required to determine whether a (non-uniform) renaming of the free vari- 
ables of M will preserve hereditarily right-maximality. 

— In Sections 12.41 and 12.51 wc introduce a rewriting relation on blueprints that allows 
one to "extract" sequences of formulas from a blueprint. 

— In section [2~Bl we prove our two key lemmas. Lemma 12.151 clarifies the link between the 
blueprints of M and Xx.M (provided both are in Anf)- This lemma proves in particu- 
lar that the sequence of the types of the free variables of M (that is, Q(Free(M))) can 
always be extracted from its blueprint. Lemma 12.161 shows that for every sequence 
of formulas 4> that can be extracted from the blueprint of M, there exists a (non- 
uniform) renaming of the free variables of M that will produce a term N of the same 
type and with the same blueprint as M, and such that f2(Free(iV)) = 4>- 

As a continuation of our first example, let us examine the consequences of this last result. 
Consider again a ANF-inhabitant M and two subterms N, P of M such that P is a strict 
subterm of N and N, P are applications of the same type or abstractions of the same 
type. Suppose: 

— the sequence 0(Free(iV)) can be extracted from the blueprint of P. 

This situation is a generalization of the preceding one (in our first example Q(X) could 
also be extracted from the blueprint of P, see Definition I2.10|) . The term M is still not 
of minimal size. Indeed, we may use the second key lemma to prove the existence of 
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(non-uniform) renaming of the free variables of P that will produce a term P' of the 
same type as P such that Free(P') = Free(TV). The term N can be replaced with P' in 
M. 

2.1. Partial trees and trees 

Definition 2.1. Let (A , <) be the set of all finite sequences over the set N+ of natural 
numbers, ordered by prefix ordering. Elements of A are called addresses. We call partial 
tree every function 7r whose domain is a set of addresses. For each partial tree 7r and for 
each address a, we let -K\ a denote the partial tree c i— > Tr(a-c) of domain {c | a-c G dom(7r)}. 

Definition 2.2. For all partial trees tt,it' and for every address a, we let ir[a <— tt'] 
denote the partial tree tt" such that 7r"| a = ir' and 7r"(6) = ir(b) for all b G dom(7r) such 
that a ^ b. 

Definition 2.3. A tree domain is a set A C A such that for all aei: every prefix of a 
is in A; for every integer i > 0, if a ■ (i) G A, then a • (j) e A for each j G {1, . . . , i — 1}. 
A tree domain A is finitely branching if and only if for each a *E A, there exists an i > 
such that a ■ (i) is undefined. We call tree every function whose domain is a tree domain. 

In the sequel terms will be freely identified with trees. We identify: x with the tree 
mapping e to x; Xx.M with the tree r mapping e to Xx and such that r^) is the tree 
of M ; (MiM 2 ) with the tree r mapping e to @ and such that t^) is the tree of Mj for 
each i € {1, 2}. 

2.2. Blueprints 

Definition 2.4. Let (3 be the signature consisting of all formulas and all symbols of the 
form where <j> is a formula. Each formula is considered as a symbol of null arity. Each 
@0 is of arity 2. 

We call blueprint every finite partial tree a : A — > © satisfying the following condition: 
for each a S A, if a(a) = then «| a -(i) an< i a |a (2) are of non-empty domains. A rooted 
blueprint is a blueprint a such that e G dom(a). 

For each 5 C 6, we call S -blueprint every blueprint whose image is a subset of S. We 
write B(<S) for the set of all 5-blueprints, and B £ (<S) for the set of all rooted 5-blueprints. 

Definition 2.5. For every blueprint a and every address a, the relative depth of a in a 
is the number of b G dom(a) such that b < a. The relative depth of a is defined as if a 
is of empty domain, the maximal relative depth of an address in a otherwise. 

In the sequel the following notations will be used to denote blueprints (see Figure [2]): 

— b denotes the blueprint of empty domain. 

— we abbreviate e i— > (f> as <j). 

— ©^(ai, a-i) denotes the (rooted) blueprint a such that a(e) = 4>, aim = aj., ot\(2) = a i- 

— for every sequence a = (ai, . . . , ajt) of pairwise incomparable addresses, %(ai, . . . , a&) 
denotes the blueprint a of minimal domain such that oe\ ai = on for each i G [1, . . . , fc]. 
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a = (ai, . . . ,a k ) 



Fig. 2. Construction of blueprints, with the notations of Section |2~21 In the upper 
diagram, the blueprints a and (3 must be non-empty. Although ot\, . . . , ak are 
displayed from left to right, the sequence (oi, . . . , ak) needs not to be 
lexicographically ordered. 

— we let *(ai, . . . , ak) denote the blueprint %(ai, . . . , a k ) such that a = ((1), . . . , (k)). 

For each blueprint a, the choice of a, a\, . . . , ak such that a — +„(ai, . . . , ak) is obvi- 
ously not unique. The sequence (ai, . . . ,a k ) may contain an arbitrary number of empty 
blueprints, hence the sequence a may be of arbitrary length. Also, a can be roooted (if 
k = 1, a\ = e and a\ is rooted) or empty (if k = or a\ = ... = ak = 0b)- Those 
ambiguities will not be difficult to deal with, but they will require a few precautions in 
our proofs and definitions by induction on blueprints. 

2.3. Blueprint of a term 

Definition 2.6. For all M e Anf, the stable part of M is the set of all a 6 dom(M) 
such that Free(M| a ) C Free(M) and Mi a is a variable or an application. 

It is easy to check that our conventions (no variable is simultaneously free and bound in 
a term) ensure that the stable part of a term does not depend on the choice of variable 
names. Since M is in normal form, M is of empty stable part if and only if it is closed. 

Definition 2.7. For all M 6 Anf, we call blueprint of M the function a mapping each 
a in the stable part of M to: 

— ip if M| a is a variable of type ip, 

— @^ if M| is an application of type ip. 

We let M lh a denote the judgment "M is of blueprint a" (Figure [3]). 

If M — (M 1 M 2 ) S A NF , M : 0, M x lh ai, M 2 lh a 2 , then each a t is of non-empty 
domain and (MiM 2 ) lh @^(ai, a 2 ) - in other words the so-called blueprint of M is indeed 
a blueprint, provided so are the blueprints of Mi, M 2 . When M = Ax. Mi the blueprint 
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x\ Vi x 2 x z y y 2 <I>1 B 4>2 <fe B B 

Fig. 3. An element of Anf with its blueprint (xo < x\ < yi, X2 < £3 < yo < 2/2, 
%i < Vo < Vi)- 

of M is of the form * (a) - the relation between a and the blueprint of Mi in that case 
will be clarified by Lemma \2. 151 

Lemma 2.8. For all M € Anf and forall a ■ b e dom(M): 

1 If Free(Af| a . b ) C Free(Af) then Free(M| a . b ) C Free(M| a ). 

2 If M| a lh a and M\ a . b lh /3, then a| b = /3. 

Proof. The first proposition is a consequence of our bound variable convention (see 
Section [Li]): if Free(M) = X, Free(Af| a ) = X' U Y where I'CI and A, F are disjoint, 
then every element of Free(Mi .(,) in A is also an element of A'. Thus if a ■ b is in the 
stable part of M, then b is also in the stable part of M\ a . The second proposition is 
equivalent to the first. □ 

2.4. Extraction of the formulas of a blueprint 

Definition 2.9. The judgment "/3 is the blueprint obtained by extracting the formula 
<p at the address a in the blueprint a", written a >^ (3, is inductively defined by: 

1 

2 ifa>5/3, then@^( 7 ,a)o^ 2) -%(7,/3) 

3 if a>gj8, then *(6 > c 1( ...,c h )( a »7i:---:7fc) >£ a *(6,ci,...,c fc )(j9)7i) • • • .7n)- 

In (2) we assume of course that a and 7 are non-empty. In (3) we assume b ^ s in order 
to avoid circularity. 

For instance (Figure [5]): 
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Fig. 4. Principle of blueprint reduction. 



-> x 




<i>^x 



X^ip 




Fig. 5. Full reductions of @v(x -> V', @x(</> -> X: 0)) to B • 



(2,2) 



(2,1) 



*(X ->■ -> X,0b)) 

*(X -> ^,*(0b,0b)) 



^ *(0b,*(0b,0b)) = 0b 



,(x^V,@ x W>^x,0)) >^ 2) *(x^,*(0^x,0b)) 

*(0b,*(>^X,0b)) 
*(0b,*(0b,0b)) = 0b 



(i) 

X-Hl> 
(2,1) 

4>^x 



When a >^ /3, the blueprint /3 can be seen as a in which the formula at a is erased 
together with all @'s in the path to a. At each @ this path must follow the right branch 
of @. The constraints on the construction of blueprints imply the existence of at least 
one such path in every non-empty blueprint, even if it is not the blueprint of a term. 
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F 






F 1 


F 2 




pp 



G 






G 1 


G 2 




G p 



F 1 


G 1 


F 2 


G 2 




pp 


G p 



Fig. 6. Shuffling of two sequences. The chunks of F and G need not to be of the 
same size - some of them can be empty. Every contraction of the resulting 
sequence belongs to ®(F, G). Each contraction belongs also to ®(F, G) when F, G 
are non-empty and the last chunk G p of G is non-empty. 



2.5. Sets of extractible sequences 

Definition 2.10. For each formula cf>, let >^ be the relation defined by: a >0 j3 if and 
only if there exists a such that a >^ /?. We write > J for the transitive closure of >^. For 
each a, we write F (a) for the set of all sequences (cf>i, . . . , <f> n ) such that a\>^ . . . >J i 0b • 

The set F (a) is what we called "set of extractible sequences of a" in the introduction 
of Section [2] Note that F(0b) = {s}- If c* ^ 0b, then all elements of ¥ (a) are non- 
empty sequences. Note also that each > -reduction strictly decreases the cardinality of 
the domain of a blueprint, therefore F (a) is a finite set for all a. We now introduce the 
notion of shuffle which will allow us to characterise F (a) depending on the structure of 
a. 

Definition 2.11. A contraction of a sequence F is either the sequence F or a sequence 
G ■ (f) ■ H where G ■ (/) • (/) • H is a contraction of F. 

Definition 2.12. For all finite sequences F\, . . . , F n we call shuffle of (F\, . . . , F n ) every 
sequence F± ■ . . . ■ F* ■ . . . ■ Ff ■ . . . ■ F p such that F} ■ . . . ■ Ff — Fi for each i. For each 
tuple of sets of finite sequences {F\, . . . , F n ) we write ©(^i, . . . , F n ) for the closure under 
contraction of the set of shuffles of elements of T\ x . . . x T n . 

Definition 2.13. Given two non-empty finite sequences F%,F2, we call right-shuffle of 
(Fi , F 2 ) every sequence F± ■ F% ■ . . . ■ ■ F$ such that F^ • ... Ff = Fi for each i and 
F% 7^ e. For each pair of sets of non-empty finite sequences (Fx,^) we write ®(J-i, Fz) 
for the closure under contraction of the set of right-shuffles of elements T\ x Tj. 

The principle of (right-)shuffling is depicted on Figure [6l The following properties follow 
from our definitions and will be used without reference: 

1 If a = 0b, then ¥ (a) = {e}. 

2 If a = 4>, then F (a) = {(<£)}. 

3 If a = %(Qi,...,a t ), then F (a) = ®(F (ai), . . . ,F (a k )). 

4 If a = @ (ai,a 2 ), then ¥ (a) = ®(F(c*i),F (a 2 )). 
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2.6. Abstraction vs. extraction 

Lemma 2.14. Suppose {ai, . . . , a p } = {bi, . . . , b p }, and: 

— a >£ . . . f3, 

— a . . . t>' p /3'. 
Then /3 = fi'. 

Proof. By an easy induction on a. □ 

Recall that for every strictly increasing sequence of variables X — (x±, . . . , x n ), we write 
Q(X) for the sequence of the types of x\, . . . , x n . We now clarify the link between the 
blueprint a of a term M and the one of Xx.M. 

The next lemma shows in particular that if M,Xx.M 6 Anf, then M and Xx.M 
are of blueprints a and j3 if and only if there exist do, . . . , a p such that {do, • • • , a p } = 
{a | M\ a = x}, a>%> ... t>x p a' and (3 = *(«') (Figure [7]). 

Lemma 2.15. Suppose M G Anf is of blueprint a, with Free(M) = (xi, . . . , x n ) and 
Cl(xi, ...,x n ) = (xi, ■ ■ ■ ,Xn)- For each % S [0, .. . ,n]: 

— let ai be the restriction of a to dom(a) fl {a | Free(Af| a ) C \x\, . . . , Xi}}. 

— let j3i be the blueprint of Xxi+i . . . x n .M, 

Then: 

1 For each i £ [0, . . . , n] we have dom(/?i) = {l n_1 • a | a £ dom(aj)} and ft^n-i = a.;. 
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2 For each i e ]0, . . . , n]: 

(a) there exist a\, . . . , such that {oq, . . . , a* } = {a | Ml = £;} 
and oti \> x " . . . \> Xi CKj— i, 

(b) if {b , . . . ,b Pi } — {a \ M\ a — Xi} and cti \> x °. . . . >xi a ' then a' = a,_x. 

3 We have (xi, ■ • ■ , Xn) e F (a). 

Proof. Property (1) follows immediately from the definition of a blueprint. Since 
a n = a and ao = 0b, Property (3) follows from Property (2. a). Property (2.b) fol- 
lows from Property (2. a) and Lemma [2.141 As to prove (2. a) we introduce the following 
notations. 

For each N 6 Anf, we let pat be the least partial function satisfying the following 
conditions: for every blueprint 7, we have pat (£,7) = 7; for every finite sequence of 
variables Y and for every blueprint 7, if pn(Y, 7) = S, {b \ N\ b = y} = {60, • • • , b rn } and 
6>$... > b x m 6', then p M {{y)-Y, 7) = 5'. By Lemma^H if {b \ N ]b = y} = {b a , b m } = 
{c , . . . , Cm}, $> b x - ■ -t> x m S' and St> x ". . .> x m S", then 8' = 5", thus pn is indeed a function. 
For each finite sequence of variables Y' and for each blueprint 7, we let pn{Y', 7) be the 
restriction of 7 to dom(7) n {b | Free(A| b ) C Y'}. 

We shall prove by induction on M that for all pairs (A, A') such that Free(M) = A- A', 
we have pm{X, a) = pj\r(X', a) - in particular for all i > we have 

oii-i = pm((xi, . . . ,Xi_i),a) 
= Pm{{xu ■ ■ ■ ,x n ),a) 
= PM((xi), Pm((x%+i ■ • ■ , x n ), a)) 

= PM{{Xi),pLM{{x\ ■ ■ .,Xi),a)) 
= PM{{xi),Cti) 

thus (2. a) holds. The case X 1 = e is immediate, hence we may as well assume that X' 
is a non-empty suffix of Free(M). The case of M equal to a variable follows immediately 
from our definitions. 

Suppose M = (M1M2), Mi lh 71 and M 2 lh 72- There exist X 1 ,X 2 ,X[, X' 2 such that: 
I1UI2 = X; X[ U X' 2 = X'; Free(M 7 ) = X j ■ Aj for each j G {1,2}. We have a = 
@v(7i,72) where -0 is the type of M, and p M (X,a) = *(p, Ml (Xi, It), Mm 2 (A 2 , 72))- By 
induction hypothesis /jm, (Aj, 7 i) = (A,', 7 j) for each i. The sequence A' is non-empty 
hence the last elements of A', X 2 are equal. Assume A' = A" • (x) and A2 = • (x). 
If x is not the last element of X[ then: 

PM(X',a) = p M (A" • (x), @^(7i,72)) 

= p M ( A( U X£ , * ( 7l , P M 2 ( (x) , 72 ) ) ) 
= * (PAh ( X[ , 71 ) , p Af2 ( A 2 ' , p Af2 ( (x) , 72 ) ) ) 
= *(p Ml (Al, 7l ),pM 2 (A^.(x),72)) 
= * (p Ml ( A( , 71 ) , p A f 2 ( A 2 , 72 ) ) 
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Free(M) = (x ± : xi, ■ ■ • ,x n ■ Xn) 




Free(iV) = (y ± : Wi, . . . , y m : w m ) 



Fig. 8. A non-uniform renaming of the variables of M, based on an alternate 
extraction of the formulas of its blueprint. 

Otherwise, X[ — X" ■ (x) and we have: 

p M (X'.a) =Pm(^',%(7i,72)) 

= pM(X['UX^*(p Ml {{x),li),PM 2 ((x)n2))) 
= * (PAh {X'{ , p Ml ( (x) , 7i )) , Pm 2 (X 2 ' , pu 2 ((x) , 72))) 
= *{p Ml {X" ■ (x),1i),Pm 2 (X!! -(x), l2 )) 
= * (PMx (^"l , 71 ) > /?M 2 {X' 2 , 72 ) ) 

In either case 

p M (X',a) = *{p Ml {X[,~{i), Pm 2 {X' 2 ,~{2)) 
= * (fi Ml {Xi , 7i ) , fi M2 (X 2 , 72) ) 
= PAi(X,a) 

Suppose M = Ax. Mi, Mi lh 71. By induction hypothesis pu x {X, 71) = pui {X' -(x),-fi) — 
p Ml {X' ,p Ml {{x),')i)) = p Ml (X',p:(X-X',ji)) = p Ml (X',a\ (1) ). Moreover p Ml {X, 71) = 
^(^MMil^'.Ti)) = MMi(^ja|(i))- Hence ^A//!(^,a|(i)) = PmA x ', «|(i)) 5 therefore 
/u Ml a) = PMi □ 

Thus the full sequence of the types of the free variables of M can be extracted from 
its blueprint. The next lemma shows that conversely for each sequence \ m ^ there 
exists a term N with the same domain, blueprint and of the same type as M, and such 
that the sequence of types of the free variables of N is equal to x, see Figure [8j 

Lemma 2.16. Let M G Anf be a term of blueprint a. Suppose 

a >£...>£ ... >£° ...>k 0b 

Then for every strictly increasing sequence of variables Y = {yi,...,y m ) such that 
i7(Y~) = (lu\, . . . ,w m ), there exists N with the same domain, blueprint and of the same 
type as M such that Free(iV) = Y and {b \ N\ b = yi} = {b\, . . . , b l p .} for each i. 

Proof. By induction on M. The proposition is clear if M is a variable. The case of 
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Fig. 9. How the compression of terms is able to follow the compression of 
blueprints. 

M = (M1M2) follows easily from the induction hypothesis. Suppose M — Xx.Mi :(/>—>%/) 
with Mi lh 7. Let Y' = (yi, . . . , y m ,x). By Lemma \2. 151 (2. a) there exist 01, . • • , a p such 
that {ax, . . . , a p } = {a \ M\ a = x} and 7 t>^° . . . 7' = a\ x . Now 

a > u ° m . . . >J™ ... >Ji . . . oj; 1 B 
hence each is of the form (1) ■ c*-. Furthermore 

7 >l° ...\>l" >£...>£ ... >^...>^0b 

By induction hypothesis there exists N\ with the same domain, blueprint and of the same 
type as Mi such that Free(iVi) = Y', {a \ N^ a — x} — {ao, . . . , a p } and {c | Nxi c = yi} = 
{cq, . . . ,Cp. } for each i. By Lemma [2. 151 (2. b) we have Xx.Ni lh a, hence we may take 
N = Xx.Nl □ 



3. Vertical compressions and compact terms 

The aim of this section is to provide a partial characterisation of minimal inhabitants. 
Section [3. II is just a simple remark on the relative depths of their blueprints, and an easy 
consequence of the subformula property (Lemma II. 5[) : if M is a minimal ANF-hihabitant 
of </>, then for all addresses a in M the blueprint of M\ a is of relative depth at most k xp, 
where: 

— k is the number of A in the path from the root to M to a, 

— p is the number of subformulas of <j>. 

We call locally compact every ANF-inhabitant satisfying this condition. In Section [3.2l wc 
introduce the notion of vertical compression of a blueprint. A (strict) vertical compression 
of /3 is obtained by taking any address b in j3, then by grafting /3| b at any address a < b such 
that /3(a) = /3(b). The vertical compressions of /3 are all blueprints obtained by applying 
this transformation to /3 zero of more times. The key property of those compressions is 
the following (see Figure [HJ: 

— If M is of blueprint (3 and a is a vertical compression of /3, the compression of /? into 
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a can be mimicked by a compression of M into an HRM-tcrm, in the following sense. 
Assuming a — (3[a <— (3\ b ] (the base case), the term Q = M[a <r- Mi;,] is not in general 
an HRM-term. However, there exists an HRM-term M' with the same domain as Q 
and of the same type as M. Moreover M' and M are applications of the same type 
or abstractions of the same type. 

Let us again consider a ANF-inhabitant M and two addresses a, b such that a < b, M\ a 
and M|{, are applications of the same type or abstractions of the same type. Suppose: 

— there exists a vertical compression a 1 of the blueprint of Mif, such that the sequence 
fi(Free(M| a )) can be extracted from a'. 

This situation is a generalisation of the last example in the introduction of Section [2] 
(in which a' was equal to the blueprint of Mif,, thereby a trivial compression of this 
blueprint). The term M is not minimal. Indeed, the key property above implies the 
existence of a term N of blueprint a' whose size is not greater than the size of Af^, and 
such that A, Afij,, M\ a are applications of the same type or abstractions of the same type. 
By Lemma 12.161 there exists a term P of the same type and with the same domain as 
A such that Free(P) = Free(M| a ). The graft of P at a yields an inhabitant of strictly 
smaller size. 

We will call compact all inhabitants in which the preceding situation does not occur. 
All inhabitants of minimal size are of course compact. As we shall see in Section [5j we 
will not need a sharper characterisation of minimal inhabitants. For every formula <f>, 
the set of compact inhabitants of <f> is actually a finite set, and our decision method will 
consist in the exhaustive computation of their domains. 

3.1. Depths of the blueprints of minimal inhabitants 

Definition 3.1. Two terms M,M' G Anf are of the same kind if and only if they are 
both variables, or both applications, or both abstractions, and if they are of the same 
type. 

Definition 3.2. For all formulas 0, we write Sub(</>) for the set of all subformulas of <fi. 

Definition 3.3. Let M G Anf- Let a be any address in M. Let (eti,...,a TO ) be the 
strictly increasing sequence of all prefixes of a. Let (Axi, . . . , Xxk) be the subsequence 
of (M(ai), . . . , M(a m )) consisting of all labels of the form Ax. We write A(M,a) for 
(xi, . . . ,x k ). 

Definition 3.4. Let M be a ANF-inhabitant of <f>. We say that M is locally compact if for 
all addresses a in M, the blueprint of M\ a is of relative depth at most |A(M, a) \ x |Sub(0)|. 

Lemma 3.5. Let M be a ANF-inhabitant of (f>. If M is not locally compact, then there 
exist two addresses b, b' such that b < b' , M\b and Miy are of the same kind and 
Free(M|b) = Free(Mib'). Moreover, M is not a ANF-inhabitant of <f> of minimal size. 

Proof. For each address a in dom(M), let a a be the blueprint of M\ a and let X a = 
Free(M| a ). Assume the existence of an a a of relative depth n > \A(M,a)\ x |Sub(0)|. 
There exist b%, . . . , b n +i G dom(a a ) such that b% < . . . < b n < b n +i. By Lemma [2.81 (1) 
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M : (f> 




n> k x |Sub(0) 
Fig. 10. Proof of Lemma 13.51 

we have X a .b n C . .. C X a .{ )1 C A(M, a). By Lemma H.5[ each 4> a -bi is a subformula of </>. 
Hence there exist i,j such that i < j and (Xa.^, <f> a -bi) = (-^a-6 3 ) <Pa-bj)i that is, Mi a . fc . 
and -M] .(,. are applications of the same type and with the same free variables (Figure 
HD|) . Now, let M' = M[a ■ 6* <- M| a . bj ]. The term M' is a A NF -inhabitant of <j> of strictly 
smaller size. □ 



3.2. Vertical compression of a blueprint 

Definition 3.6. We let fr be the least reflexive and transitive binary relation on blueprints 
satisfying the following: if a, b 6 dom(/3), a < b and (3(a) = (3(b), then j3[a <— (3\b\ /3. 

Lemma 3.7. Suppose M € Anf, M : 0, M lh (3 and a /?. There exists a term 
M' G Anf of the same kind as M, of blueprint a and such that |dom(M')| < |dom(M)|. 

Proof. It suffices to consider the case of a = f3[a <— f3^] with a, b E dom(/J), a < b and 
13(a) = (3(b). We prove the existence of M' by induction on the length of a. If a = e then 
M is necessarily an application and /3(e) = (3(b) = hence Mif, is an application of 
type <j>, and we can take M' = M\j,. Assume a ^ e. 

(1) Suppose M = (MiM 2 ), Mi lh (3 l7 M 2 lh #2, a = and 6 = By induction 

hypothesis there exists M/ of blueprint Oj = /?i[ a i ftlftj = Pi[ a i P\b]i °f the same 
kind as Mj and such that dom(M/) < dom(Mj). Let j = 1 if i = 2, otherwise let j = 2. 
Let (Mj,ay) = (Mj,/3j). Let A = (xi, . . . ,x„) be the strictly increasing sequence of all 
variables free or bound in M%. Let Y = (y±, . . . , y n ) be a strictly increasing sequence of 
variables such that Cl(X) = 0(F) and y\ is greater that or equal to the greatest variable 
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of M{. Let Mil be the term obtained by replacing each X{ by j/, in M' 2 . We can take 
W = [M' X M'{). 

(2) Suppose M = Ax. Mi, Mi Ih ft, x : x, a = (l)-ai and 6 = (l)-&i. As a, be dom(/3), 
we have also 01, 61 £ dom(/?i). By induction hypothesis there exists M{ of the same kind 
as Mi, of blueprint ct\ = /?i[ai ^— /3i|bJ and such that dom(M{) < dom(Mi). By Lemma 
I2.15l f2.a) there exist 71, Co, . . . , c p such that {co, . . . , c p } — {c | M\ c = x}, fix . . . 71 
and f3 = *(7i). Since a, b £ dom(a), a\ and Cj are incomparable addresses for all i. Hence 
at = /3i[ai <- ^i| b J >£P ... f>x 71 [01 «- /3i| 6l ] = /3[a <- /?|b]| (1) = By Lemma [2J6] 
there exists a term M" of the same type and with the same domain as M[ such that the 
greatest variable y free in M" is of type x an d {c | M", c — y} — {co, . . . , c p }. By Lemma 
[2~T51 f2.b) we have Xy.M" Ih a, hence we may take M' = Xy.M". □ 

Definition 3.8. A term M 6 Anf is compact when there are no a, b, a' such that a < b, 
M| a and M|f, are of the same kind, Mi 6 Ih a&, a' a& and f2(Free(M| a )) G F (a 1 ). 

Lemma 3.9. Every ANF-inhabitant of minimal size is compact. Every compact Anf- 
inhabitant of 4> is locally compact. 

Proof. Let M by an arbitrary A^-inhabitant of <f>. 

(1) Assume M is not compact. Let a,b be such that a < b, Mi and M\t, are of the 
same kind, M\ b Ih a&, a' ft ab, Free(Af| a ) = X a and r2(A a ) e F(a') (see Figure[TT]). By 
Lemma [3.71 there exists a term N e Anf of blueprint a', of the same kind as M\ b and 
such that |dom(iV)| < dom(M|b)|. By Lemma [2.161 there exists P £ Anf of blueprint 
a', of the same kind as N, such that dom(P) = dom(AT) and Free(P) = X a . The term 
M[a •(— P] is then a ANF-inhabitant of tj> of smaller size. 

(2) Suppose M meets the conditions of Lemma \3. 5 1 Let ay be the blueprint of Miy 
By Lemma r2.15l f3) we have f2(Free(Mi(,)) = 0(Free(Af| b /) £ F(a&'). Since the relation ff 
is reflexive, M is not compact. □ 

4. Shadows 

So far we have isolated two properties shared by all minimal inhabitants fLemma !3.9p . Wc 
shall now exploit these properties so as to design a decision method for the inhabitation 
problem. 

In Section |4~T1 and l4~2l we show how to associate, with each locally compact inhabitant 
M of a formula cf>, a tree with the same domain as M which we call the shadow of M. 
At each address a this tree is labelled with a triple of the form (x a ,7a,</>a) where <j> a is 
the type of M| a , the sequence x a is ^(F ree (^|a))i and -f a is a "transversal compression" 
of the blueprint a a of Mi a (Definitions 14. II and 14. 2[) . Recall that x a £ F (a a ) (by Lemma 
I2.15l f3)). The blueprint j a can be seen as a synthesized version of a a of the same relative 
depth but of smaller "width", and such that x a £ F (7 a ) C F (a a ). 

Each tree prefix of the shadow of M belongs to a finite set effectively computable from 
<p and the domain of this prefix. In particular, one can compute all possible values for 
its labels, regardless of the full knowledge of M - or even without the knowledge of the 
existence of M. The key property satisfied by this shadow at every address a is: 




Fig. 11. Proof of Lemma 13.91 part (1). 

— for each 7' ft j a , there exists a' ft a a such that F (7') CF(a'). 

This property is sufficient to detect the non-compactness of M for a pair of addresses 
(a, 6) only from the knowledge of Xcn ( t>a,,Jb,4>b and the arity of the nodes at a and b. 
Indeed, suppose a < b, <j) a = <j>b and the nodes at a, b are of the same arity (1, or 2). 
Now, assume: 

— there exists 7' ft 7*, such that x a S F (7'). 

Then M\ a and M| & are of the same kind and there exists a' ft aj, such that x a = 
0(Free(M| a )) 6 F (7') C F(a'), therefore M is not compact. 

In Section I4T21 what we call a shadow is merely a tree a n> (x a ,7a,0a) of a certain 
shape, no matter if this tree is the shadow of a term or not. This shadow is compact 
if there is no pair (a, b) as above. Of course, the shadow of a compact term is always 
compact in this sense. 

In Section [5] we will prove that for every formula cj>, the set of shadows of compact 
inhabitants of cj> is a finite set effectively computable from <f> (hence the same property 
holds for the set of compact inhabitants of </>) , and we will deduce from this key property 
the decidability of type inhabitation for HRM-terms. 

4.1. Blueprint equivalence and transversal compression 

Definition 4.1. We let = be the least binary relation on blueprints such that: 

1 0b = 01, 

2 4, = 4,, 

3 if eti = /3i, a 2 = fa, then @^(ai, ai) = @<^(/3i, /3 2 ), 

4 if |a| = \b\ = n and Oi = Pi for eachi e [1, . . . ,n], then %(cti,. . . , a n ) = *^(/3i, . . . ,/3„). 
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In (3), we assume a\, 0(2, Pi, P2 non-empty. In (4), we assume that the elements of each 
sequence a, b are pairwise incomparable addresses. As to avoid circularity we assume also 
a ^ e or b ^ e, and 7^ 0b for at least one i. 

To some extent this equivalence allows us to consider blueprints regardless of the 
exact values of addresses. For instance *a{oti, • • • , a„) = *(ai, . . . , a n ) = *(a n , . . . , ai), 
also *(*(a, /?), 7) = *(a, 0, 7) = *(a, *((3, 7)), etc. It is easy to check that a = (3 implies 
¥ (a) = F {(3) - this property will be used without reference. 

Definition 4.2. For each m G N , we let -r\ m be the least binary relation such that: 

1 if 71 = . . . = 7 m = 7„ l+ i 0b , then *a{ll, • • • ,7m) *a-(6)(7l) • • • ,7m,7m+l), 

2 if a = *s(ai, ■ ■ ■ ,a n ), /3 = . . . ,/3 p ) and a ^ m /3, then: 

(a) @^(a,7) @ (/?, 7 ), 

(b) @ (7,a) ©0(7,/?), 

(c) *a.( c )(ai, ...,a n ,7) *b.( c )(/3l, • • -,Pp,l)- 

We call m-compression of (3 every a such that a ^ m /?. The wwdi/i of (3 is defined as the 
least to G N for which there is no a such that a ^ m (3. 

Again the elements of a ■ (b), a - (c) and b ■ (c) must be pairwise incomparable addresses, 
and a,/3,7 must be non-empty. Note that for all non-empty j3, we have b ^0 P, hence 
the empty blueprint is the only blueprint of null width. If (3 is of width to > 0, then for 
all addresses a, for f3\ a — *a(7i, ■ • ■ >7fc) an d for each 7^ ^ B , the sequence (71, . . . ,7fe) 
contains no more than m blueprints =-cquivalent to 7,. For instance, if <j>, ip, \ are distinct 
formulas, *(<fi,(f),(fi,ip,ip,x) is of width 3, @ w (*(<^>, ^>), <^>), @ w (*(^>, <^), <^)) is of width 
2, etc. 

Definition 4.3. For each m G N , we write C m for the reflexive and transitive closure 
of the union of = and -r^ m - We let E™ ax denote the subset of the relation C m of all pairs 
with a left-hand-side of width at most to. 

For instance, if <p, ip, \ are distinct formulas: 

0b a iax *w>, x, 0) ^r x *(x, 0, 0, v>, vo * w>, 0, 0, ^ x) 

Of course a C m /3 implies a Cj (3 for all j G [1, . . . , m] and clearly, a /3 implies 
|dom(a)| < |dom(/?)|, therefore ~r\ m is well-founded. 

Definition 4.4. For all S C 6, for all d £ N and for all to G N : 

— we let B(<S, d, oo) be the set of 5-blueprints of relative depth at most d, 

— we let B(<S, d, to) be the set of all blueprints in B(<S, d, oo) of width at most to. 

Lemma 4.5. For all finite 5C6, for all d G N and for all m G N : 

1 The set M(S,d,m)/= is a finite set. 

2 A selector R (S, d, to) for B(<S, d, m)/= is effectively computable from (S, d, to). 



Proof. (1) Let B e (c>, d, to) be the set of all rooted blueprints in B(«S, d, to). Assuming 
M e (S,d,m)/= is a finite set and a selector R e (<S,d, to) for B e (<S,d, to)/= is effectively 
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computable from (<S, d, m), we prove that B(<S, d, m)/= and B £ (5,d + l,m)/= are finite 
sets and show how to compute a selector for each set. 

Let (a-i, . . . ,ctk) be an enumeration of R e (iS, d, m). Let £d be the set of all func- 
tions from {1, ...,k} to {0,...,™}. For each j3 £ B(<S, d,m) there exist f3\,...,(3 n G 
B e (<S, d, m) and b such that (3 = *^(/3i, ■ ■ ■ , (in)- We let 073 be the function mapping each 
i £ {1, ...,fc} to the number of occurrences of an element =-cquivalent to a.j in the 
sequence . . . , j3 n ). Clearly op £ Ed and furthermore for all [3' £ B(<S,d, m) we have 
/3 = /3' if and only if ap — a pi , hence B (S, d, m) is a finite set. 

For each r G £d, let p r = *(aj;, . . . , , . . . , a^, . . . , oi^ 1 ) where each a\ is equal 
to Ui. We have p T £ B(<S, d,m) and o~(p T ) = t 5 that is, if t,t' £ £d and r ^ r', then 
Pt ^ /V- Hence we may define M (5, d, m) as {,o T | r G Ed}. 

The finiteness of B e (c>, d+1, m) /= follows immediately from the finiteness of B(iS, d, m) 
and the fact that if f3 = @ (^i, /3 2 ) and f3' = @^(l3[, f3' 2 ) are elements of 1 E (<5, m), 
then Pi , P2 , , /?2 are non-empty elements of B(<S, d, m) and furthermore /? = /?' if and 
only if fix = f3[ and /?2 = /3 2 - The same property allows us to define R e (<S,d + l,m) as 
the set of all blueprints of the form ©0(71, 72) where @^ G S and each 7^ is a non-empty 
element of R (S, d, m). 

(2) The lemma follows by induction on d, using (1) and the facts that: B e (<S, 0,0) is 
empty (hence B(5, d, 0) = {0b} for all d); if m £ N + , then M £ (S,0,m) is the finite set 
of all formulas of S. □ 

4.2. Shadow of a term 

Definition 4.6. Let 4> be a formula. Let <S^ be the union of Sub(</>) (Definition 13. 2\i and 
the set of all @^ such that i/" £ Sub(</>). For each integer k, for each formula </>, we let 
SH(^>, fc) = R (5^, fc x |Sub(0)|, k), where R is the function introduced in Lemma 231(2). 

Definition 4.7. A shadow is a finite tree in which each node is of arity at most 2 and 
is labelled with a triple of the form (%, 7, VOi where % is a sequence of formulas, 7 is a 
blueprint and if> is a formula. 

We call <f>-shadow every shadow 3 satisfying the following conditions. We have 3(e) = 
(e, b , </>)■ F° r each a G dom(S), let k a be the number of 6 < a such that the node of 3 
at b is unary, and let (x a ,la,ipa) = 3(a). Then: 

— X a is a sequence of subformulas of of length at most /c a , 

— 7a G <K(0, fca), 

— Xa eF( 7a ) 

— ?/> Q is a subformula of (/>. 

Definition 4.8. Let M be a locally compact ANF-inhabitant of 4>. For each a £ dom(M): 

— let Xa = 0(Free(M| a )), 

— let a a be the blueprint of M| a , 

— let 7a G |A(M,a)|) be such that 7a EjA(M,a)| 

— let a be the type of M\ a . 

The tree 3 mapping each a G dom(M) to (x a -7a, </>a) will be called i/ie shadow of M. 
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Fig. 12. A compact inhabitant and its shadow. 

Recall that if M is a locally compact ANF-mhabitant of <fi, then for each address a in M, 
the blueprint a a of M| Q is of relative depth at most A(M, a)| x |Sub(</>)|. Every maximal 
| A(M, a) |-compression of a a produces a shadow a a with the same relative depth and of 
width at most A(M, a)\, to which some element of 0\((f), |A(M, a)|) is equivalent, thus the 
shadow of M is well-defined. Note that the choice of 7 a is possibly not unique (although 
it is, since R is a selector and one can actually prove that 7 C™ ax a and 7' C™ x a 
implies 7 = 7', but this property is irrelevant to our discussion). We assume that some 
7 a is chosen for each address a in M. 

Obviously the shadow of M satisfies the first, second and fourth conditions in the 
definition of (^-shadows given above - in the next section, we prove that it satisfies also 
the third. 

4.3. Compact shadows and compact inhabitants 

Definition 4.9. A shadow 3 is compact if and only if there are no a, b such that: a < b, 
the nodes of S at a, b are of the same arity, S(a) = (x a ^la,ip), S(6) = (x o ,7o,V0 and 
there exists 7' ff 76 such that x Q e F (7'). 

Compare this definition with the definition of compactness for term (Definition 13. 8[) . 
With the help of three auxiliary lemmas, we now prove the key lemma of Section 2) if M 
is a compact inhabitant - a fortiori locally compact by Lemma 13.91 - then the shadow of 
M is a compact 0-shadow. 

Lemma 4.10. If a ff- /3 Ci /3', then there exists a' such that o a' f /?'. 

Proof. (1) An immediate induction on dom(/3')| shows that if a = j3[a <— j3\b] and 
/3 = /3', then there exist a',b' such that a' < b' and a = a' = /3'[a' <— /3'i 6 ,]. As a 
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consequence, an immediate induction on the length of the derivation of a •ft /3 shows that 
the lemma holds if f3 = /3'. 

(2) Another induction on |dom(/3')| shows that if a ft fi -r^i P', then there exists a' 
such that a ~r\\ a 1 ft /?'. The only non trivial case is a — *i ai )(pt\), P = *< ai )(Pi) with 
a.\ ft Pi and /?' = *(ai.a 2 )(/3i, P%) with /3j = /32. Since a\ ft /?i = /?2, by (1) there exists a 2 
such that ai = a 2 ft #2. Hence a = *( 01 )(a!i) -^i *( 01 , 02 ) («i, a 2 ) ft *(oi,o 2 )(A,/32) = /?'• 

(3) Using (1) and (2), the lemma follows by induction on the length of an arbitrary 
sequence (f3 , . . . , p n ) such that f3 = P, Pn = P' and = Pi or /3j_i -^i Pi for each 
ie [1,...,4 □ 



Lemma 4.11. If a Ei /3, then F (a) C F (/3). 



Proof. By induction on |dom(/3)|. Since 7 = 7' implies F (7) = F(7') and |dom(7)| = 
|dom(7')|, it suffices to consider the case where a is a 1-compression of p. The case 
a = *(ai)( Q! i) an d /3 = *(ni,a 2 )( Q i! Q 2) is clear. The remaining cases follow easily from 
the induction hypothesis. □ 



Lemma 4.12. If a C m /?, then the set of all elements of F (/3) of length at most m is a 
subset of F (a). 



Proof. By induction on |dom(/3)|. Again, we examine only the case a ^ m p. The 
proposition is trivially true if m = 0. Suppose m > 0. The only non-trivial case is 
a = *u(ll, ■ ■ -,7m) and P = *<j(7i, . . . ,7toj7to+i) with 7 4 = 7 for all i. Let $ = FJ7). 
For each integer k, let = ©($1, . . . , where $; = F (7) for each i. Let <fi = 

(0i, . . . , 4>p) G F (/3) be such that p <m. We have to prove that <\> G F (a). For each J C 
{1, . . . ,p}, let (ji, ■ ■ ■ , j q ) be the strictly increasing enumeration of all elements of J and 
let /(J) = , . . . , We have 4> G F (P) = hence there exist Ji, . . . , J m+ i 

such that Ji U . . . U J m +\ = {1, . . . ,p}, and /( Ji) € F (7) for each i G {1, . . . , m + 1}. 
For each j G {1, . . . ,p}, let kj be any element of {1, . . . , m + 1} such that j G J^. . Then 
4U-..U4 f = {1, . . . ,p}, so G ©({ f (J fel )}, ■ • ■ , {/( J fep )}) C $W C = F (a). □ 

Lemma 4.13. Let M be a locally compact ANF-inhabitant of (j). The shadow of M is a 
0-shadow. If M is compact, then this shadow is also compact. 



Proof. For each address a in M, the sequence x a = ^(Free(A/| a )) is a subsequence 
of Q(A(M, a)), hence the first proposition follows from the definition of the shadow of 
M, Lemma [1.51 Lemma [2.151 (3') and Lemma [4.121 Let S be shadow of M. Assume S 
is not compact. There exist a, b G dom(S) = dom(M) such that E(a) = (XajTajVO) 
— (XbiTfeiVOi the nodes at a, 6 in 3 are of the same arity, and there exists 7' ft 76 
such that Xa £ 1F(7')- We have Mi a , Mi 5 of the same kind. Let a a ,ab be the blueprints 
of M, , M| 6 . Since 7^ Ef^M .^j c*b, we have 7' ft 7^ Ei a;,. By Lemma I4T0I there exists 
a' such that 7' El a' ft By Lemma [4.111 we have x a S F (7') C F (a'), hence M is 
not compact. □ 
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5. Finiteness of the set of compact ^-shadows 

Our last aim will be to prove that for each formula 0, the set of all compact ^-shadows 
is a finite set effectively computable from <f>. 

In definition 15. 1| we introduce a last binary relation <e on blueprints. The key lemma 
of this section (Lemma I5.14|) shows that whenever S C & is a finite set (in particular 
when S is the set of all subformulas of <j> and all @'s tagged with a subformula of <j)), the 
relation <s is an almost full relation (Bezem, Klo p and de Vrijer 2003[ ) on the set of all 
5-blueprints: for every infinite sequence 71,72, ■ • ■ over B(5), there exists i, j such that 
i < j and 7^ (e 7,-. This result will be proven with the help of Mellies' Axiomatic Kruskal 
Theorem ( Mellies 1998). The finiteness of the set of compact 0-shadows follows from this 
key lemma with the help of Konig's Lemma (Lemma l5.15[) . The ability to compute these 
shadows follows directly from their definition. 

By Lemma [4.13[ a consequence of this result is also the finiteness for each <j> of the 
set of all compact AwF-inhabitants of <j>, although our decision method is based on the 
computation of shadows of compact terms rather than a direct computation of those 
terms. It is worth mentioning that the proof of Theorem 15.131 is non- constructive and 
that it gives no information about the complexity of our proof-search method - this 
question might be itself another open problem. 

5.1. Almost full relations and Higman Theorem 

Definition 5.1. We let <e be the relation on blueprints defined by a <e j3 if and only if 
for all x G F (a), there exists 7 ff P such that x £ F (7). 

Definition 5.2. Let U be an arbitrary set. An almost full relation (AFR) on hi is a 
binary relation <C such that for every infinite sequence (itj)j e iq over IA, there exist i,j 
such that i < j and U{ <C Uj . 

The main aim of Section [5] will be to prove the last key lemma from which we will easily 
infer the decidability of ANF-mhabitation: for each finite S C (5, the relation <s is an 
AFR on 1(5). 

Proposition 5.3. 

1 If < and <' are AFRs on U, then < n <' is an AFR on U. 

2 Suppose <^u is an AFR on U and ^Cy is an AFR on V. Let <Cwxv be the relation 
defined by (17, V) < WxV (U' , V) if and only if U <C W U' and V < v V. Then < WxV 
is an AFR onMxV. 

Proof. See (Mellies 1998J. Both results appear in the proof of Theorem 1, Step 4 (p. 523) 
as a corollary of Lemma 4 (p. 520) □ 

Definition 5.4. Let U be a set, let < be a binary relation. We let §(W) denote the 
set of all finite sequences over U. The relation <Cs induced by <^ on S(U) is defined by 
(Z7i, . . . , U n ) <Cs (Vi, . . . ,V m ) if and only if there exists a strictly monotone function 
T) : {1, . . . , n} —> {1, . . . , m} such that fTj <C V^i) for each i e {1, . . . , n}. 
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Theorem 5.5. (Higman) If < is an AFR on U, then <§ is an AFR on S(W). 

Proo/. See ( |Higman 1952| IKruskal 197 21 IMellies 1998| ). □ 

5.2. From rooted to unrooted blueprints 

Mellies' Axiomatic Kruskal Theorem allows one to conclude that a relation is an AFR 
(a "well binary relation" in (Mellies 1998)) as long as it satisfies a set of five properties 
or "axioms" (six in the original version of the theorem - see the remarks of Mellies at 
the end of its proof explaining why five axioms suffice). The details of those axioms will 
be given in Section [5.31 

Four of those five axioms are relatively easy to check. The remaining axiom is more 
problematical. This rather technical section is entirely devoted to the proof of Lemma 
I5.11[ which will ensure that this last axiom is satisfied. We want to prove the following 
proposition: 

Let S be a finite subset of&. Let B E be a subset o/B e (<S). 
Let B = {*o-(/3i,..., Pn)\Vi £ [l,...,n],# € B £ }. 
Lf <e is an AFR on B e , then <s is an AFR on B. 

Recall that B e (<S) stands for the set of all rooted 5-blueprints. We want to be able to 
extend the property that <s is an AFR on a given set of rooted blueprints to the set all 
blueprints that have those rooted blueprints at their minimal addresses. 

Higman Theorem suffices to show that <ss (Definition 15. 4p is an AFR on the set of 
finite sequences over B e . However, if one considers an infinite sequence (ft)i<=N over B and 
transforms each ft = *a;(ft, ■ • ■ )ft\J where ft, . . . ,ft>. G B £ into cr(ft) = (ft, . . . , ft\J, 
the theorem will only provide two integers i,j and strictly monotone function rj such 
that i < j and ft <g ft^j.) f° r each k G {l,...,n.j}. This is sufficient to ensure that 

ft = *ai(Pi, ■ ■ ■ , ftj <s *fc(ft^(i). ■ * * j ^ (ni) ), but not in general ft <s ft. 

To bypass this difficulty we show how for each blueprint j3 G B(5), one can extract 
from the set of all vertical compressions of j3 a complete set of "followers" of /3 of minimal 
size (Lemma 15 .7j) . This set {a±, . . . , a p } has the property that for each (j) G F (ft), there 
exists at least one en such that F (ctj) contains a subsequence of (j> ~ but not necessarily 
(j) itself. The relative depth of each an does not depend on the relative depth on ft but 
only on S: it is at most E^-lj i, where S@ is the set of all binary symbols in S. The 
lemma in proven in four steps. 

ii I £ I 

First, observe that the set of all a -ft j3 of relative depth at most S i= J i is a complete 
set of followers. If we consider the set of all 7 such that 7 C™ ax a for at least one such 
a, we obtain a (possibly infinite) set closed under = and finite up to =. We call it the 
set of S-residuals of ft 

Second, we prove that the set of <S-residuals of (3 is a complete set of followers of j3 in 
the same sense, that is, for each <\> G F (ft) there exists an 5-residual 7 of (3 such that 
F (7) contains a subsequence of <f> (Lemma I5.9j) . 

Third, we prove that if /3 = v(ft, . . . ,0 n ), ft = *^(ft, . . . ,P' n ,0' n+ i, ■ . . ,P' n+k ) are 
such that ft (E ft for each i G [1, . . . , n], and if furthermore ft ft have the same set of 
5-residuals, then /3 <e ft (Lemma 15. 10p . 
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The last step is the proof of the lemma itself. The set of 5-residuals is finite up to = 
(Lemma [43]), so there are only a finite number of possible values for the set of residuals 
of each S- blueprint. As a consequence, it is always possible to extract from an infinite 
sequence over B an infinite sequence of blueprints with the same set of residuals. The 
conclusion follows from the third step and Higman Theorem. 

Definition 5.6. For every S C (5, we let 5@ denote the set of all binary symbols in S. 

Lemma 5.7. Let S be a finite subset of ©. For all (3 G B(5), for all ~i> G F(/3), there 
exists a of relative depth at most S|i| Se ' i such that a ft /3 and such that F (a) contains 
a subsequence of tp. 

Proof. Call S -linearisation every pair (7,%) such that 7 G B(<S) and \ G ^(7). Call 
starting address for (7,%) every address b for which there exist 7' such that 7 >a 7' 
and x G ®(F (7')) ($))• Call path to b in 7 the maximal sequence (61, ... , b n , b n +i) over 
dom(7) such that bi < . . . < b n < b n+ i = b. 

Given an arbitrary S- linearisation we prove simultaneously by induction on 

|dom(/?)| the following properties: 

1 There exists an iS-linearisation (7,%) such that: 

(a) 7 ft j3 and \ is a subsequence of ip, 

(b) 7 is of relative depth at most 1 + T,\Ji i. 

2 There exists an 5-linearisation (a, (f) such that: 

(a) a ft /3, </> is a subsequence of i/ 1 , 

and if '0 7^ e, then the last elements of ^ are equal, 

(b) for each starting address b for (a, <^>) and for (pi, ... , b n , b n +\) equal to the path 
to b in a, the values a(bi), . . . , a(b n ) are pairwise distinct, 

(c) for all c incomparable with each starting address for (a, 6), 

151 

(a| c ) is of relative depth at most 1 + 5^Jj i. 

Note that the conjunction of (2.b) and (2.c) implies that every address d in a is of relative 
depth at most + i = £*lj' Ss ' i. Indeed, suppose d is of maximal relative depth 

and not a starting address for (a, <fi). Then d must be incomparable with each starting 
address for (a, (/)). Let e be the shortest prefix of d in dom(a) that is incomparable with 
each starting address for (a,(f>). The address e is of relative depth at most |5<a| in a - 
otherwise there would exist in dom(a) an address / < e of relative depth \S@\ and a 
starting adress for (a, <fi) of the form / • /', of relative depth strictly greater than |5 Q |, a 
contradiction. Moreover the relative depth of d is the sum of the relative depth of e in a 
and the relative depth of a\ e . 

The cases /3 = 0b is immediate. If = *a(Pi, . . . ,/3 n ), i j and (3 i: (3j ^ 0b , then the 
conclusion follows easily from the induction hypothesis. Suppose /? = @^(/3i, (3 2 )- 

(1) Let d be an address of maximal length in (3~ l (@ 1 p). Let S = ©^(81,62) — fiu. By 
assumption e is the only element of As -0 G F (/?) , there exist O G F (<5), G 

F (<5i), -02 e ^ (£2) such that ip is a subsequence tp and ip G ®({"0i}> {^2})- By induction 
hypothesis there exists an (S — {@^})-linearisation (71, Xi) satisfying conditions (l.a), 



V. Padovani 



30 



(l.b) w.r.t (Sijipi), and an (S — {@^})-linearisation (72, X2) satisfying conditions (2. a), 
(2.b), (2.c) w.r.t (62,^2). Let 7 = @^( 7 i, 72 ). We have 7 fr 8 and /3(e) = 5(e) = 7(e), 
hence 7 ff /3. The blueprint 71 is of relative depth at most 1 + I]^®' -1 ^ < sjfj' i. The 
blueprint 72 is of relative depth at most ISol + Ejf^' -1 = i. Therefore 7 is of relative 
depth at most 1 4- £|_5 i. Now x 2 is a subsequence of -02 with the same last element, 
so there exists in ®({Xi}i{x~2}) £ F (©,^(71, 72)) a subsequence x 01 Vv Thus (7,x) 
satisfies (l.a) and (l.b) w.r.t (f3,ip). 

(2) As ip S F Q3), there exist ^eF (A), V>2 e F (AO such that i> G ©({^J, {? 2 }). By 
induction hypothesis there exists an 5-linearisation (ai,^) satisfying conditions (l.a), 
(l.b) w.r.t (Pijipi), and an ^-linearisation (a2, </> 2 ) satisfying conditions (2. a), (2.b), (2.c) 
w.r.t (p2,ip 2 )- _ 

Let ao = @^(ai,a2). We have a f (3. The last elements of (j> 2 , i>2 are equal and 
®({^i}> {^2}) 5= F(ao). Hence there exists in F(ao) a subsequence (f> of with the 
same last element as ip. Thus (ao,0 o ) satisfies (2. a). 

For all c incomparable with each starting address for (ao,^ ), either c = (1) • c' and 
c' G dom(ai), orc= (2)-c" and c" € dom(a 2 ) is incomparable with each starting address 
in a 2 . As a consequence, the choice of ai,a 2 ensures that (a o ,0 o ) satisfies (2.c). 

If (ao, <Po) satisfies (2.b), then we may take (a, <f) = (ao, 4> ). Otherwise some starting 
address b for (ao, 4>o) does not satisfy condition (2.b). Let (61, ... , b n , b n+ i) be the path 
to b in a. We have b\ = e, and for each i > 0, there exists such that 6^ = (2) • di. The 
sequence (d 2 , ■ • ■ , d«+i) is then a path to d — d n+ \ in a 2 , and d is a starting address for 
(a.2i4>2)- The values a 2 (o?2), ■ • ■ ,ct2(d n ) are pairwise distinct, so there must exist i > 1 
such that a(bi) = Since bi is in the path to b, there exists in ¥ (a 2 \di) a subsequence 
O of 4> with the same last element as </> . For a = ao[e <— a 2 \ d .], we have a' Q fr (3, 
4>q G F (a ) and the last elements of 4> ,(f>Q,ip are equal. By induction hypothesis there 
exists an 5-linearisation (a, (j>) satisfying (2. a), (2.b), (2.c) w.r.t (a' , cf> ). The pair (a, <fi) 
satisfies also those conditions w.r.t (f3,ip). D 

Definition 5.8. Let S be a finite subset of 6. For all (3 G B(S), for all a fr (3 of relative 
depth at most E^J 50 i, we call S -residual of /3 every ao such that ao (Z™ ax a. 

Note that the set of 5-residuals of (3 is {0b } if (3 = b ■ Otherwise, it is an infinite set: 
even if j3 = <f>, the set of residuals of f3 is the =-equivalence class of (3 and contains all 
blueprints of the form * a (4>) (recall that = is a subset of C 1; see Definition I4.3[) . 

Lemma 5.9. Let S be a finite subset of 6. For all f3 G B (S) and for all tjj G F ((3), there 
exists an iS-residual ao of (3 such that F (ao) contains a subsequence of if). 

Proof. (1) Let 7, 8 be arbitrary blueprints. Suppose 7 ^1 (5. We prove by induction on 
S that for all G F (S), there exists in F (7) a subsequence of (f>. In order to deal with the 
case 6 = ©^(61,62), we need to prove a slightly more precise property: for all G F (<5), 
there exists in F (7) a subsequence ip of (f> such that the last elements of <f>, ip are equal. 
The base case is 8 — *( a i,a 2 )(7ij72)> 7i = 72 and 7 = *ai(7i)> and this case is clear. 
Other cases follow easily from the induction hypothesis. 

(2) We prove the lemma. By Lemma 1 5. 71 and by definition of an 5-residual, there exist 
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ao, a such that ao El ot ft /?, F (a) contains a subsequence of ip and ao is an 5-residual. 



— the sets of 5-residuals of (3 and P' are equal. 
Then $ <s p'. 

Proof. Let ^ G F (/?). There exists for each z s [1, . . . , n] a sequence tp i £ F (/%) such 
that ^ € • ■ • , {V'n})- By assumption there exists for each i £ [1, . . . ,n] an a.; ft $ 

such that tpi £V (ai). As a consequence tp £ F (*(ai, . . . , a n )). 

By Lemma 15.91 there exists an 5-residual a of ft such that F(ao) contains a subse- 
quence tfiofip. By assumption ao is also an 5-residual of /?', hence there exist a[, . . . , a' n+k , 
b such that ao Qi *^(a[, ■ • ■ , a' n+k ) ft /3'. By Lemma l4.Hl we have <j> £ F . . . , o4+fc)) 

Hence for each i £ [1, . . . ,n + k], there exists in F(o^) a subsequence of 0, which is 
also a subsequence of if). Now, let a = *-g(ai, . . . ,a n ,a' n+1 , . . . ,a' n+k ). Then a ft /?', 
if G F (*(a 1; . . . a„)), and for each j G [1, . . . , k] there exists in F (a^ + •) a subsequence 
of As a consequence ^ € F (a). □ 

Lemma 5.11. Let S be a finite subset of ©. Let B e be a subset of B e («S). Let B = 
{*a(Pi,- ■ • , Pn)\ V« S [1, . . . , G B e }. If <s is an AFR on B s , then d is an AFR on B. 

Proof. Let TZ = 1(5, X^j 5 ® 1 i, 1) (see Definition H3J) . For each (3 £ B, let j o(/3) be the 
set of 5-residuals of /3. We have p(p) C 7?.. Moreover p(/3) is closed under = (as = is a 
subset of C l5 see Definition I4.3[) . that is, p(/3) is a union of the elements of a subset of 
lZ/=. By Lemma T4. 51 (1) the latter is a finite set, therefore {p(P) | ft £ B} is a finite set. 

For each /? = *a{Pi, . . . , P n ) £ B where a is increasing w.r.t the lexicographic ordering 
of addresses and /3 1; . . . , (3 n £ B E , let a (ft) = (Pi, . . . , (3 n ) - recall that we can take a — e, 
n = if j3 = 0b , and a = (e), n = 1 if ft is a rooted blueprint. Since {p(/3) /3 G S} is 
a finite set, every infinite sequence over B contains an infinite subsequence of blueprints 
with the same set of 5-residuals. By assumption <s is an AFR on B e . By Theorem 15.51 
<£ S is an AFR on {a(P) | f3 £ B}. 

Thus for every infinite sequence (Pi)ieN over B there exist i,j such that i < j, 
o~(Pi) <ss &(Pj) an< i Pi, Pj have the same set of residuals. For <r(Pi) = (p\, . . . ,P % n ) 
and a(Pj) = (Pi,... 7 P 3 n+k ), there exists a subsequence (P\ , ...,P\) of a(Pj) such that 
Pi € PI , . . . ,P % n <e j9j . There exist also Z n +i, . . . , and two sequences a and 6 such 



that p t = *a{P\ , ■ ■ ■ , PI) and Pj = H {Pl # b ,#,...,#). By Lemma EH wc 



It follows from (1) that F (ao) contains a subsequence of tp. 



□ 




have Pi <e /3,-. 



□ 



5.3. Axiomatic Kruskal Theorem and main key lemma 
The following definition is borrowed from (Mellies 1998): 
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Definition 5.12. An abstract decomposition system is an 8-tuple 

{T,C,V,<t,<c,<v,-+^) 

where: 

— T is a set of terms noted t,u, . . . equipped with a binary relation Xy, 

— £ is a set of labels noted f,g,... equipped with a binary relation 

— V is a set of vectors noted T,U, . . . equipped with a binary relation ^y, 

f 

y is a relation on T x £ x V, e.g. t — s- T 

— b is a relation on V x T, e.g. Tht. 

For each such system, we let >7- be the binary relation on 7" defined by 
t > T u 3(/,T) g £ x V, f^Thji 

An elementary term t is a term minimal w.r.t >y, that is, a term for which there exists 
no u such that t >y u. 

Theorem 5.13. (Mellies) Suppose (T, £, V, ^y, <c, -<y, — >, h) satisfies the following- 
properties: 

— (Axiom I) There is no infinite chain t\ >y £2 >y • ■ • 

— (Axiom II) The relation r<y is an AFR on the set of elementary terms. 

— (Axiom III) For all t, u, u', 

if t <j- v! and u t>y u' , then t <j- u. 

— (Axiom IV-bis) For all t, u, /, g, T, U, 

if t — y T and u — ^-y [7 and / <c 9 an d T <\> U, then t ;<y u. 

— (Axiom V) For all W C V, for W h = {* G T | 3T G W, T b i}, 
if ;<y is an AFR on Wh, then ^ v is an AFR on VV. 

If furthermore <c is an AFR on £, then <-y is an AFR on T . 

Proof. See (jMellies 1998|) . Mellies' result is actually established for an alternate list of 
axioms (numbered from I to VI) . The possibility to drop Axiom VI and to replace Axiom 
IV with Axiom IV-bis is a remark that follows the proof of the main theorem. □ 

Lemma 5.14. For each finite 5C6, the relation <s is an AFR on IB (5). 

Proof. According to Lemma lS.lll it is sufficient to prove that <g is an AFR on B e (5). Let 
(T, £, V, <Ti diCi diVi b) be the abstract decomposition system defined as follows. 

— The set T is l e (5); we let a <r (3 if and only if there exists an address c such that 
a <e (/3| c ) and a(e) = (P\ c )(e). 

— The set £ is the set of all @'s in 5, the relation <c is the identity relation on this set. 

— The set V is 1(5) x 1(5). 

The relation is defined by (ai, 02) diV (/3l> P2) if and only if ai <s /3i and ai <s fa. 

— The relation — y is defined by a — > (fa, fa) if and only if a = @,f,(fa, fa). 

— The relation b is the least relation satisfying the following condition. If V = (ax, 012)1 
i e {1,2}, fa,..., fa G 1 E (5) and ccj = *w(fa, ■ ■ ■ , fa), then V b /3j for each j G 
[l,...,n]. 
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Note that the elements of V are pairs of blueprints that may be rootless. However if 
V h fa then the blueprint (3 is always a rooted blueprint, thus the relation h is indeed a 
subset of V x T. 

(A) For all V C T, the relation <g is an AFR on T' if and only if < T is an AFR 
on T'. Indeed, consider an arbitrary infinite sequence a over T' . This sequence contains 
an infinite subsequence (a)igN such that all a,(e) are equal. Clearly on <e <Xj implies 
OLi r^T a j- Conversely, if on ~<t otj, then there exists c such that on (s aji c and ai(ff) = 
aj(e) = ct,(c). So cti <s ctj^f aj, hence oti (s ay. 

(B) We now check that all axioms of Theorem 15 . 131 are satisfied. Axiom I is clear. The 
set of elementary terms is the set of all blueprints consisting of single formulas of S. 
The relation -<j- is of course an AFR on the set of elementary terms, that is, axiom II 
is satisfied. Axiom III is immediate. If (0*1,0:2) (fix, fa) then ot\ <s fa and o 2 g fa, 
hence @^(ai,a 2 ) <s @^{fa, fa), a fortiori @^,(ai,a 2 ) <r ®ip{fa-,fa)i hence Axiom IV- 
bis is satisfied. It remains to prove that Axiom V is satisfied. Let W C V. By definition 
W h = {/3 £ T|3(oi,a 2 ) G W, (ai,a 2 ) h /?}. Assuming ^ r is an AFR on W h , we 
prove that ^ v is an AFR on W. By (A) the relation <g is an AFR on Wh C B e (5). Let 
6 = {*a(fa, ■ ■ ■ , fa)\ Vi G [1, . . . , 6 Wh}- By Lemma [5~TT1 the relation m is an AFR 
on B. Moreover WCBxB. By Proposition l5.3K 2) the relation is an AFR on B x £>, 
therefore an AFR on W. □ 

Lemma 5.15. For each formula 0, the set of all compact 0-shadows is a finite set 
effectively computable from (j>. 

Proof. For each compact </>-shadow 3 and for each address a such that a is a leaf 
in 3, call step- continuation at a of 3 every compact 0-shadow 3' such that dom(3') C 
dom(3) U {a ■ (1), a • (2)} and 5, 5' take the same values on dom(S). Let ~-> be the relation 
defined by 3 3' if and only if 5' is a step continuation of 3. By Lemma T4.5I and the 
fact that the set of sub formulas of <f> is a finite set, for all 3, the set of all 5' such that 
5 3', is a finite set effectively computable from 3. Let C be the closure under ~-» of 
{(e h4 (e, 0b , 0))} The set of all compact (^-shadows is clearly equal to this set, hence it 
suffices to prove that C is a finite set. Assume by way of contradiction that C is infinite. 
By Konig's Lemma there exists an infinite sequence So ~~» Si . . . over C. The union 
Soo = Ui>o 5^ is a tree of infinite domain. By Konig's Lemma again, there exists an 
infinite chain of addresses a\ < a 2 < . . . such that all are nodes of S m with the same 
arity and labelled with the same subformula of cf>. If i < j and aj, aj are labelled with 
(Xi> li,^), (Xi, Ij, "0)) then we cannot have 7.; (g jj, otherwise there would exist a k such 
that 3/j is not compact. A contradiction follows from Lemma 15.141 □ 

6. From the shadows to the light 
Theorem 6.1. Ticket Entailment is decidable. 

Proof. The following propositions are equivalent: 

— the formula <f> is provable in the logic T_>., 

— the formula <f> is inhabited by a combinator within the basis BB'IW, 
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— the formula (f> is ANF-hihabited (Lemma ll.101) . 

— there exists a compact ANF-inhabitant of cj> (Lemma !3-9[) 

— there exists a compact 0-shadow with the same tree domain as a ANF-inhabitant of 
4> (Lemmas l3Jl and |4~T3| . 

By Lemma 15.151 the set of compact ^-shadows is effectively computable from <fi. By the 
subformula property (Lemma 11.51) . for each shadow H in this set, up to the choice of 
bound variables, there are only a finite number of ANF-inhabitant of <fi with the same 
domain as S. Moreover this set of inhabitants is clearly computable from S and <fr. Hence 
the existence of a ANF-inhabitant of <f> is decidable. □ 
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